The ProgrammersTalk Community
Forum Register Search Today's Posts Mark Forums Read
Register

Go Back   The ProgrammersTalk Community > Web Programming > PHP
Reload this Page $_FILES checks...?


Welcome to the The ProgrammersTalk Community forums.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so please, join our community today!

If you have any problems with the registration process or your account login, please contact contact us.
Reply
 
LinkBack Thread Tools    Display Modes   
  #1 (permalink)  
Old 02-13-2008, 05:05 AM
Lee's Avatar
Lee Lee is offline
PT Staff*
Awards Showcase
Quality Tutorial 
Total Awards: 1
Join Date: Jun 2007
Location: Blackpool, UK
Posts: 616
iTrader: (0)
Lee is just really niceLee is just really niceLee is just really niceLee is just really nice
$_FILES checks...?
Hey,

I was hoping someone could let me know if when you have a file upload script any checks need to be done on $_FILES, the reason i ask is because i think i heard somewhere that $_FILES is handled differently to $_POST or $_GET, if i was adding the file name to a database would i check that? and what else would need to be checked?

(I know size and extensions need to be checked).

Thanks,
Lee.
Reply With Quote
  #2 (permalink)  
Old 02-13-2008, 01:55 PM
TeraTask's Avatar
TeraTask TeraTask is offline
PT Admin
Awards Showcase
Quality Tutorial Quality Tutorial Quality Tutorial 
Total Awards: 3
Join Date: Jun 2007
Location: Reno, NV
Posts: 442
iTrader: (0)
TeraTask is a splendid one to beholdTeraTask is a splendid one to beholdTeraTask is a splendid one to beholdTeraTask is a splendid one to beholdTeraTask is a splendid one to beholdTeraTask is a splendid one to behold
Have you checked out PHP: Handling file uploads - Manual ? It gives you the structure of $_FILES.

__________________
Jeremy Miller
Content Farmer - Optimized Automated Blog Posting
Digg this Post! Del.Icio.Us this Post! Technorati this Post! Furl this Post! Mister Wong this Post! Newsvine this Post! Spurl this Post! Reddit this Post! Netscape this Post!
Reply With Quote
  #3 (permalink)  
Old 02-13-2008, 04:53 PM
Lee's Avatar
Lee Lee is offline
PT Staff*
Awards Showcase
Quality Tutorial 
Total Awards: 1
Join Date: Jun 2007
Location: Blackpool, UK
Posts: 616
iTrader: (0)
Lee is just really niceLee is just really niceLee is just really niceLee is just really nice
Yes i have looked at that, i was hoping you could maybe mention if there was any checks that needed to be done, such as stripslashes or something?
Reply With Quote
  #4 (permalink)  
Old 02-13-2008, 09:57 PM
TeraTask's Avatar
TeraTask TeraTask is offline
PT Admin
Awards Showcase
Quality Tutorial Quality Tutorial Quality Tutorial 
Total Awards: 3
Join Date: Jun 2007
Location: Reno, NV
Posts: 442
iTrader: (0)
TeraTask is a splendid one to beholdTeraTask is a splendid one to beholdTeraTask is a splendid one to beholdTeraTask is a splendid one to beholdTeraTask is a splendid one to beholdTeraTask is a splendid one to behold
Well, except for the uploaded filename, everything else is created by PHP so you don't need sanitize that data.

__________________
Jeremy Miller
Content Farmer - Optimized Automated Blog Posting
Digg this Post! Del.Icio.Us this Post! Technorati this Post! Furl this Post! Mister Wong this Post! Newsvine this Post! Spurl this Post! Reddit this Post! Netscape this Post!
Reply With Quote
Reply

« PHP/MYSQL Register System | Hit Counter »

Thread Tools
Display Modes
Linear Mode Linear Mode

   Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -7. The time now is 06:38 AM. Powered by vBulletin
Copyright © 2000 - 2007, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO © 2007 ProgrammersTalk Sedo - Buy and Sell Domain Names and Websites project info: programmerstalk.net Statistics for project programmerstalk.net etracker® web controlling instead of log file analysis

FAQ - Contact Us - The ProgrammersTalk Community - Archive - Privacy Statement - Top

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50